b73465fc1a29100744ed8505e0b1a1c4.ppt
- Количество слайдов: 24
An overview of IS&T's Citrix Architecture and Applications Network & Infrastructure Services Team Mark Silis and Richard Edelson
Why use Citrix? • Applications that are not multiplatform – Windows only applications • Central Maintenance of front end apps – DB Front end apps require maintenance • License pooling – Maintaining licenses just for concurrent use • “Thin Client” – Bandwidth advantages – DB Front end apps may require more bandwidth unavailable to remote users • Easy availability for specialty applications – Some apps do not need to be deployed to all desktops
Citrix usage @ MIT • Running since 2003 • Currently 1100 registered MIT users • In use by both Administrative and Academic spaces • 32 Published applications in production • Production and Staging environments • Supported by Computing Helpdesk
Citrix Architecture The Web Front End Clients Sun/Apache Webservers Web Browser sends user’s MIT certificate Webserver sends content The certificate authenticates the user to the application chooser The user selects an application icon and the webserver sends an ICA file with the application
Web Back End Sun/Apache Webservers Citrix Server Farm - Windows Application icons And ICA settings The application icons and ICA setting files are published By the Citrix Server Farm and passed to the client by the front end webservers
https: //citrix. mit. edu The first logon screen, a user must activate their account for use with Citrix The user is authenticated to the application chooser via their certificate
ICA Client software If you have not installed the ICA client software you will need to do so at this point The Mac and Windows clients are available from the install Citrix link on the MIT Citrix logon page Clients for a number of operating systems are available as a free download from the Citrix website: http: //www. citrix. com/English/SS/downloads. asp? d. ID=2755
Application Chooser The user selects the icon for the application they wish to launch Then the ICA file is sent from the webserver to the client The Citrix servers check ACL’s for each application to control user access
The ICA file • The Citrix ICA file is an ASCII file containing the connection parameters for a particular application • The file is downloaded by the browser from the webserver and when run it launches the Citrix client with it’s parameters
Connecting to the Citrix Farm Citrix ICA Clients Citrix Server Farm ICA File SSL Enabled 128 -bit (RCS) Encryption required Clients connect to the Server Farm and are presented with a Windows logon screen
Windows Authentication • The MIT Citrix Farm is part of the MIT Central Windows • • domain win. mit. edu. Trust of MIT Kerberos Realm by win. mit. edu allows single sign-on to multiple resources. Cross realm logon using Kerberos V 5 takes place when the user authenticates. No need to create a separate user space for Citrix accounts users logon with their MIT Kerberos ID IS&T had to make custom modifications to the Citrix environment to support trusted Kerberos logons The domain uses roaming user profiles by default , this allows Citrix users to store data in home directories for later use
WIN. MIT. EDU Architecture Moira Populator MIT Kerberos KDC’s WIN. MIT. EDU DC’s MITnet DNS Data Warehouse Query Data Feed
Roaming user profiles • Win. mit. edu is migrating to native Windows storage Citrix Farm \win. mit. edudfsprofiles The user will see drive H: mapped to their home directory
ICA Client for Macintosh • Client drive mappings – Menu in the client shows which local resources are mapped to the windows environment, Floppy, CD-ROM, HD • Windows UI for file transfer – In the Citrix session the explorer UI in the open and save boxes can be used to transfer files between client and server drives • Printer mapping – Local printer is mapped for the user, other printers are also available
Client Drives The drive menu will display which local disk resources can be mapped remotely
Using the explorer UI Copy and Paste may be used within the Open and Save navigation windows Files can be moved between the Macintosh HD and the remote storage
Citrix Printing • Client will default to mapped local printer, local KLPR print queues are available • Future directions for Citrix printing – SAMBA will replace KLPR queues in win. mit. edu • The next version of Citrix will have more advanced printer driver support
Published Applications • Adonis – A database application setup on the Citrix server at the request of Resource Development. Resource development is a primarily Mac environment and they depend upon the Citrix environment to allow them to use this application. • Brio Query – The Brio Query application is made available through citrix at the request of the MIT Data Warehouse team. Oracle failed to make available a viable Oracle client for Mac OSX and as a result IS&T was unable to have a viable Brio Query solution for the Macintosh. Making this application available via citrix allows Macintosh users on campus access to the Brio Query application from their Mac. • Graduate Admissions – The Graduate Admissions application is a Windows only application that utilizes a custom solution for authenticating to the mainframe. The application is made available via citrix to support their Macintosh user community.
Published Applications (2) • MDL Crossfire Commander V 6 • Sci. Finder – These applications are made available through citrix at the request of the MIT Libraries. The applications require a fairly complex installation, and using Citrix allows their clients to access the services provided via these applications, without having to go through a complex an error prone software installation process.
Published Applications (3) • MIT Coeus • MITID – This application is made available via citrix at the request of the MITid team in order to support client access to the MITid service. The MITid service does have a web client, but the web client lacks the functionality offered by the Windows only desktop client. • MITSIS via Host Explorer – This application is made available via citrix at the request of SSIT, in order to support their Macintosh user community. This application is used to connect to the mainframe securely, and there does not exist a suitable alternative application on the Macintosh.
Published Applications (4) • Microsoft Project 2003 • Microsoft Visio 2003 – These applications are made available via citrix to support collaboration on large IS&T projects whose participants are using a diverse set of platforms. • Roles – This application is made available via citrix at the request of the roles maintainers in order to support their Macintosh client community. • Sum. MIT – This Windows only application is made available at the request of the Controllers Accounting Office in order to support their Macintosh clients.
Published Applications (5) • ARCGIS – – – Arc. Catalog Arc. Map Arc. Toolbox – – – Arc. Edit Arc. Tools Arc. Plot Formedit • Arcinfo. Workstation: The GIS applications are made available in order to support incoming students offcampus completing GIS training workshops prior to their arrival on MIT's campus.
Published Applications (6) • SAP – – – SAP Production Batch SAP Logon SAP Development SAP Education & Practice SAP HR-Payroll Testing 1 SAP HR-Payroll Testing 2 SAP Pre-Staging SAP Prototyping SAP Staging SAP Testing & QA SAP Training The SAP application is made available at the request of the Controllers Accounting Office in order to support the IXOS application for viewing invoices on the Macintosh. Without support for the Macintosh CAO would not have been able to retire the previous process of using paper for these transactions.
Questions